- FindBugs (latest version 1.3.8) – uses static analysis to look for bugs in Java code. This is a great tool, it discovered possible NullPointerExceptions and a lot more bugs in my projects. Sometimes I asked myself how this program could have discovered this ‘complicated’ bug.With the maven plugin you can do:
which will use version 1.3.8 out of the box
- PMD (latest version 4.2.5) – scans Java source code and looks for potential problems. The rules are configurable, but at the beginning you will only need the provided one (and spend a lot of time to choose your favourites ;-))In NetBeans 6.5 this tool is well integrated and works like a charme (CTRL+ALT+P).With the maven plugin you can do:
after you specified the following in the pom.xml under<reporting> <plugins> :
<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-pmd-plugin</artifactId> <version>2.3</version> <configuration> <targetJdk>1.5</targetJdk> </configuration> </plugin>
Other tools could be
- JarAnalyzer – Is a dependency management utility for jar files. It’s primary purpose is to traverse through a directory, parse each of the jar files in that directory, and identify the dependencies between the jar files.
- HammurAPI – a code quality governance platform
but I didn’t tried them so far.
For Findbugs and pmd there is a NetBeans plugin (SQE … software quality environment) which looks promising, but fails with a NullPointerException after I installed it via the update center and tried it on my project. Maybe I should use one of the snapshots. (BTW: I successfully used the pmd-plugin and findbugs in the standalone version).
Sonar is another interesting approach to use several code quality tools at a time. With Sonar it is possible to see the violations or possible bugs over das or weeks – so, you are looking at the improvements and you will not get lost in the mass of bugs at the beginning. Another “multi-tooling” project is XRadar.
A little bit offtopic, but a great tool is proguard, which shrinks, optimizes, obfuscates and preverifies Java class files. There is even a maven plugin for that.